March 13, 2020
Followup Audit on Corrective Actions Taken by DoD Components in Response to DoD Cyber Red Team-Identified Vulnerabilities and Additional Challenges Facing DoD Cyber Red Team Missions (DODIG-2020-067)
Publicly Released: March 17, 2020
The objective of this followup audit was to determine whether DoD Cyber Red Teams and DoD Components took actions to correct problems identified in Report No. DODIG-2013-035, "Better Reporting and Certification Processes Can Improve Red Teams' Effectiveness," December 21, 2012. In addition, we determined whether DoD Cyber Red Teams supported operational testing and combatant command exercises to identify network vulnerabilities, threats, and other security weaknesses affecting DoD systems, networks, and facilities, and whether corrective actions were taken to address DoD Cyber Red Team findings. We also assessed risks affecting the ability of DoD Cyber Red Teams to support DoD missions and priorities.